<?php
    $xtpl_edit      = new XTemplate("view/product/edit.htm");
    
    $id = $_GET['id'];
    
    $query  = "SELECT * FROM product WHERE id_p='" . $id . "'";
    $re     = mysql_query($query);
    $rows   = mysql_fetch_array($re);
    $list   = "SELECT name FROM supplier";
    $res    = mysql_query($list);
    while($row = mysql_fetch_array($res)){
        $xtpl_edit   -> assign('value', $row['name']);
        $xtpl_edit   -> assign('name', $row['name']);
        $xtpl_edit   -> insert_loop('EDIT.LIST', array('LIST'=>$rows));
    }
    
    $xtpl_edit  -> assign('provider', $rows['provider']);
    $xtpl_edit  -> assign('milkname', $rows['milkname']);
    $xtpl_edit  -> assign('size', $rows['size']);
    $xtpl_edit  -> assign('weight', $rows['weight']);
    $xtpl_edit  -> assign('cost', $rows['cost']);
    $xtpl_edit  -> assign('content', $rows['content']);
    $xtpl_edit  -> assign('number', $rows['number']);
    $xtpl_edit  -> assign('image', $rows['image']);
    
    $provider   = $_POST['provider'];
    $milkname   = $_POST['milkname'];
    $size       = $_POST['size'];
    $weight     = $_POST['weight'];
    $cost       = $_POST['cost'];
    $content    = $_POST['content'];
    $number     = $_POST['number'];
    $image      = $rows['image'];
    
    if(isset($_POST['submit'])){
        if(isset($_POST['provider'])&&isset($_POST['milkname'])&&isset($_POST['size'])&&isset($_POST['weight'])&&isset($_POST['cost'])&&isset($_POST['content'])&&isset($_POST['number'])){
            $sql    = "UPDATE product SET provider='" . $provider . "', milkname='" . $milkname . "', size='" . $size . "', weight='" . $weight . "', cost='" . $cost . "', content='" . $content . "', number='" . $number . "' WHERE id_p='" . $id . "'";
            $result = mysql_query($sql);
            if($result){
                $error = "Đã sửa sản phẩm";
            }
            else{
                $error = "Có lỗi xảy ra" . mysql_error();
            }        
        }
        else{
            $error = "Bạn chưa điền đầy đủ thông tin";
        }
    }
    
    if(isset($_POST['cancel'])){
        header("location:index.php?page=product");
    }
    
    $xtpl_edit      -> assign('msg', $msg);
    $xtpl_edit      -> assign('error', $error);    
    $xtpl_edit      -> parse("EDIT");
    $content        = $xtpl_edit -> text("EDIT");
?>